Sounds like the cert is missing a required SAN name. I used namecheap and Let’s Encrypt together before. I had to ensure that *.ziviz.us and ziviz.us were both provided to certbot. I used manual DNS challenges, and it looked like this:
certbot certonly --manual --preferred-challenges dns
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Please enter the domain name(s) you would like on your certificate (comma and/or
space separated) (Enter 'c' to cancel): ziviz.us *.ziviz.us
Compounded by sites like RSSing that frame or scrape other websites. Another hit, but literally the same thing verbatim as another.
I don’t personally know of any but in a similar vein there are some stone monuments intended to convey information after an apocalypse like the Georgia Guidestones or the nuclear waste site warning stones. GitHub put a snapshot of all active code repositories from 2020 in arctic permafrost, and there is the arctic seed vault for preserving plant species.
I don’t think this is possible through DNS filtering because it is your home lemmy instance showing you the results. You could block specific communities, turn off NSFW posts in your profile, or use a filter in Ublock Origin. These are all client-side solutions and would not auto-apply to a whole network. I don’t think there is a feature to block posts from a whole instance without being in charge of your own instance and de-federating. I would wager a per-user instance block will be coming down the pipe eventually.
If you ensured both the subdomain and the domain name were provided when using certbot, then it could be a case where the server is still using a previous cert. I had issues where changing the cert in NameCheap did not immediately take affect. (In the NameCheap CPanel console, cert would be fine, but actually visiting the site would still present the old cert for a while.) There were at least a couple times where it only presented the new cert after I fully removed the old one from Cpanel. Other than that, running out of ideas.